Proving possession of a communications device via a directed connection

ABSTRACT

Briefly, example methods, apparatuses, and/or articles of manufacture may be implemented, in whole or in part, to prove possession of a communications device, such as a mobile communications device. In a particular method, proving possession of a communications device may include receiving, from a client server, an indicator to indicate a communication services carrier servicing the communications device. The method may continue with generating a session identifier and a resource locator to direct the communications device to establish communications with an identity verifier at an address corresponding to the resource locator. The resource locator may be determined based, at least in part, on the indicator received from the client server. The method may additionally include the communications device transmitting one or more identifiers, determined, at least in part, from content stored within, or data derived from, memory of the communications device.

BACKGROUND 1. Field

The present disclosure relates generally to performing electronictransactions, such as by way of an electronic communications device,which may involve verifying or proving that an individual is currentlyin possession of, or at least collocated with, a particularcommunications device.

2. Information

The World Wide Web or simply the Web, as enabled by the Internet, hasgrown rapidly in recent years at least partially in response to therelative ease by which a wide variety of transactions can be performedor enabled via the Internet by way of a communications device. As aconsequence of widely available Internet connections, includingconnections to the Internet facilitated by mobile cellular communicationservices, for example, a mobile subscriber may shop and/or browse forvirtually any product and/or service utilizing a communications device.However, in such an environment, in which electronic- and/orInternet-based commerce has become increasingly common, occurrences offraud and deception, unfortunately, can also occur. To reduce theinstances of fraud and deception, fraud-protection processes and/orprocedures may be implemented. Such implementations may be utilized, forexample, in connection with everyday online or electronic transactions,which may include financial transactions, establishment of lines ofcredit, in-store purchases for goods and/or services, or the like.

As devices typically utilized for communicating and/or performingInternet-based electronic transactions, such as smart phones, tabletcomputing devices, laptop computers, etc., become increasinglysophisticated, techniques for accomplishing fraud utilizing such deviceshave also become more sophisticated. Techniques for accomplishing fraudmay involve use of and/or knowledge of complex technology, for example,which may be related to the particular hardware and/or softwareplatforms associated with such smart phones, tablets, laptop computers,etc. Thus, attempts to reduce the instances of fraud and deception,which may involve, for example, use of various electronic devices,continues to be an active area of investigation.

SUMMARY

One general aspect concerns a method of proving possession of acommunications device including receiving, from a client server, anindicator to identify a communication services carrier providingcommunication services to the communications device, generating asession identifier and a resource locator to be used by thecommunications device to establish a directed connection with anidentity verifier at an address corresponding to the resource locator,the resource locator being determined based, at least in part, on theindicator received from the client server. The method further includestransmitting the session identifier and/or the resource locator to theclient server and receiving, from the client server via a thecommunication services carrier, one or more identifiers of thecommunications device based, at least in part, on the session identifierand the resource locator, the one or more identifiers to be determined,at least in part, from content stored within, or data derived from,memory of the communications device.

In particular embodiments, the method may additionally includedetermining the identity of the communications device based, at least inpart, on the received one or more identifiers. In particularembodiments, the resource locator corresponds to a uniform resourcelocator (URL). In particular embodiments, the received one or moreidentifiers may include a telephone number, an International MobileSubscriber Identifier (IMSI), an Integrated Circuit Card Identifier (ICCID), an International Mobile Equipment Identifier (IMEI), a MobileStation International Subscriber Directory Number (MSISDN), a MediaAccess Control (MAC) address, or any combination thereof. In particularembodiments, the generated URL may include the session identifier, and,in addition, the generated URL may to be received by the communicationsdevice via the client server. In particular embodiments, the sessionidentifier may include a one-time-use token. In particular embodiments,the indicator can include an alphanumeric combination that indicates aspecific communication services carrier providing services to thecommunications device. In particular embodiments, the received indicatormay correspond to an Internet protocol (IP) address. In particularembodiments, the method may additionally include the identity verifieraccessing a data store to determine a specific communication servicescarrier providing services to the communications device based, at leastin part, on the received IP address. The method may further includereceiving, by the identity verifier, the session identifier from thecommunications device and, responsive to receiving the sessionidentifier, revoking the session identifier. The method may additionallyinclude establishing a browser-based session between the identityverifier and the communications device, which may involve use of atleast one additional session identifier. In particular embodiments, themethod may include receiving the session identifier from thecommunications device and revoking the session identifier so as topreclude a further use of the session identifier. In particularembodiments, the method may include generating, via the identityverifier, the at least one additional session identifier andestablishing a browser based session with the communications device,based at least in part on the at least one additional sessionidentifier. In particular embodiments, the at least one additionalsession identifier includes one or more additional one-time-use tokens.In particular embodiments, the memory of the communications device maycorrespond to one or more memory locations on a subscriber identitymodule (SIM).

Another general aspect refers to a server having a processor coupled toat least one memory device, the processor coupled to the at least onememory device to receive, from a client server, an indicator to identifya communication services carrier providing communication services to acommunications device, to generate a session identifier and a resourcelocator to be used by the communications device to direct thecommunications device to an identity verifier at an address tocorrespond to the resource locator, the resource locator to be generatedbased, at least in part, on the indicator received from thecommunications device via the client server, to transmit the sessionidentifier and/or the resource locator to the communications device viathe client server, and to receive, from the client server via thecommunication services carrier, one or more identifiers of thecommunications device based, at least in part, on the session identifierand the resource locator. The one or more identifiers may be determined,at least in part, from content stored within, or data derived from,memory of the communications device.

In particular embodiments, the one or more identifiers may include atelephone number, an International Mobile Subscriber Identifier (IMSI),an Integrated Circuit Card Identifier (ICC ID), an International MobileEquipment Identifier (IMEI), a Mobile Station International SubscriberDirectory Number (MSISDN), a Media Access Control (MAC) address, or anycombination thereof. In particular embodiments, the resource locatorcorresponds to a uniform resource locator (URL). In particularembodiments, session identifiers may include one or more one-time-usetokens. In particular embodiments, the indicator identifying thecommunication services carrier includes an alphanumeric combination. Inparticular embodiments, the indicator identifying the communicationservices carrier includes an Internet protocol (IP) address. Inparticular embodiments, the processor and the at least one memory areadditionally to access a data store to determine the communicationservices carrier to provide services to the communications device based,at least in part, on the IP address. In particular embodiments, theprocessor and the at least one memory of the identity verifier areadditionally to receive the session identifier from the communicationsdevice and revoke the session identifier so as to preclude a further useof the session identifier. In particular embodiments, the processor andthe at least one memory are additionally to generate, via the identityverifier, at least one additional session identifier and establish abrowser based session with the communications device, based at least inpart on the at least one additional session identifier. In particularembodiments, the at least one additional session identifier includes oneor more additional one-time-use tokens.

Another general aspect refers to an article including a non-transitorystorage medium having instructions stored thereon executable by aspecial-purpose computing platform to receive, from a client server, anindicator to identify a communication services carrier providingcommunication services to a communications device, to generate a sessionidentifier and a resource locator to be used by the communicationsdevice to establish communications with an identity verifier at anaddress to correspond to the resource locator, the resource locator tobe generated based, at least in part, on the indicator received from thecommunications device via the client server, to transmit the sessionidentifier to the communications device via the client server, and toreceive, from the client server via the communication services carrier,one or more identifiers of the communications device based, at least inpart, on the session identifier and the resource locator, the one ormore identifiers to be determined, at least in part, from content storedwithin, or data derived from, memory of the communications device. Inparticular embodiments, the article includes instructions to access adata store to determine a communication services carrier providingservices to the communications device based, at least in part, on anInternet protocol (IP) address referred to by the indicator. Inparticular embodiments the generated resource locator includes thesession identifier, wherein the resource locator is to be received bythe communications device via the client server. In particularembodiments, the article additionally includes instructions to receivefrom the communications device, via the client server, the sessionidentifier, and to, responsive to receipt of the session identifier,revoke the session identifier so as to preclude further use of thesession identifier. In particular embodiments, the article additionallyincludes instructions to establish a browser-based session with thecommunications device and to access the data store to determine one ormore deterministic events with respect to the communications device.

Another general aspect refers to a communications device, comprising atleast one processor coupled to at least one memory device to receive aresource locator from an identity verifier, the resource locator to havebeen generated by the identity verifier and to include a sessionidentifier, and, in response to receipt of the resource locator,establish communications with a computing device at a logical locationcorresponding to the resource locator under direction of the identityverifier. The processor coupled to the at least one memory may beadditionally to establish a browser session with the identity verifierand to transmit one or more identifiers to be determined, at least inpart, from content stored within, or data derived from, memory of thecommunications device, to the identity verifier in response to one ormore queries from the identity verifier.

In particular embodiments, the resource locator corresponds to a uniformresource locator (URL). in particular embodiments, the received sessionidentifier is generated responsive to receipt of an indicator toidentify a communication services carrier providing communicationservices with the communications device. In particular embodiments, theindicator corresponds to an Internet protocol (IP) address. Inparticular embodiments, the indicator corresponds to an alphanumericcombination to indicate a particular communication services carrierproviding services to the communications device.

BRIEF DESCRIPTION OF THE DRAWINGS

Claimed subject matter is particularly pointed out and distinctlyclaimed in the concluding portion of the specification. However, both asto organization and/or method of operation, features, and/or advantagesthereof, it may best be understood by reference to the followingdetailed description if read with the accompanying drawings in which:

FIG. 1 is a diagram of a telecommunications infrastructure, according tovarious embodiments.

FIG. 2 shows a subscriber in possession of a communications device topermit interaction with a client server and an identity verifier,according to an embodiment.

FIG. 3 is a diagram showing message flow between a communicationsdevice, a client server, and an identity verifier, according to anembodiment.

FIG. 4 shows a communications device determining or obtainingdevice-specific parameters from a SIM, according to an embodiment.

FIG. 5 shows a process of proving possession of a communications devicevia a directed connection to an identity verifier, according to anembodiment.

FIG. 6 is a diagram showing a computing environment, according to anembodiment.

FIG. 7 is a flowchart for a process of proving possession of acommunications device, according to an embodiment.

Reference is made in the following detailed description to theaccompanying drawings, which form a part hereof, wherein like numeralsmay designate like parts throughout that are corresponding and/oranalogous. It will be appreciated that the figures have not necessarilybeen drawn to scale, such as for simplicity and/or clarity ofillustration. For example, dimensions of some aspects may be exaggeratedrelative to others, one or more aspects, properties, etc. may beomitted, such as for ease of discussion, or the like. Further, it is tobe understood that other embodiments may be utilized. Furthermore,structural and/or other changes may be made without departing fromclaimed subject matter. References throughout this specification to“claimed subject matter” refer to subject matter intended to be coveredby one or more claims, or any portion thereof, and are not necessarilyintended to refer to a complete claim set, to a particular combinationof claim sets (e.g., method claims, apparatus claims, etc.), or to aparticular claim.

DETAILED DESCRIPTION

References throughout this specification to one implementation, animplementation, one embodiment, an embodiment, and/or the like meansthat a particular feature, structure, characteristic, and/or the likedescribed in relation to a particular implementation and/or embodimentis included in at least one implementation and/or embodiment of claimedsubject matter. Thus, appearances of such phrases, for example, invarious places throughout this specification, are not necessarilyintended to refer to the same implementation and/or embodiment or to anyone particular implementation and/or embodiment. Furthermore, it is tobe understood that particular features, structures, characteristics,and/or the like described, are capable of being combined in various waysin one or more implementations and/or embodiments and, therefore, arewithin intended claim scope. In general, of course, for thespecification of a patent application, these and other issues have apotential to vary in a particular context of usage. In other words,throughout the disclosure, particular context of description and/orusage provides guidance regarding reasonable inferences to be drawn;however, likewise, the term “in this context” in general without furtherqualification refers at least to the context of the present patentapplication.

As previously alluded to, in an environment in which electroniccommunication devices, such as mobile cellular communications devices,voice over Internet protocol (VoIP) communications devices, etc., areubiquitous, a user of an electronic communications device may wish toperform an electronic or digital transaction. Such transactions mayinvolve completing an application for credit, engaging in an electronicfinancial transaction, purchasing a product and/or service, completingof a loan application, completing of one or more forms involved withapplying for healthcare coverage (such as in connection with visiting ahealth provider's office), and/or engaging in a number of other types oftransactions via an electronic communications device (or, more simply, a“communications device”). To facilitate these types of transactions, forexample, a subscriber collocated with a communications device mayestablish an identity, such as may be established in connection with acommunications device subscriber account with a cellular or mobilecommunications device services carrier, a VoIP services provider, orother type of communication services carrier. Establishment of anaccount associated with a communications device, utilizing, for example,a subscriber account identifier (e.g., a cellular telephone number), maypermit an individual attempting to engage in an electronic or digitaltransaction to be authenticated, authorized, and/or verified. In someinstances, in view of the nature of electronic or digital transactions,such as in an environment in which electronic or digital transactionsare initiated via a communications network at any time and at anylocation, it may be useful to verify and/or authenticate a userrelatively quickly, such as in a real-time fashion, for example.

As a general matter, verification of possession of a communicationsdevice by a transacting party such as a party proximate or collocatedwith a communications device, may be desirable in response to a clientinstitution or organization (e.g., a financial institution, a brokerage,a healthcare provider, etc.) seeking to determine and/or prove identityof the transacting party (e.g., a mobile subscriber). Proving possessionof a communications device, such as with a transacting party, mayinvolve establishing a correspondence between the transacting party anda subscriber account identifier. In this context, correspondence,association, and/or similar terms refer to a persistent, continuing, andobjectively verifiable relationship between the transacting party inpossession of, for example, a particular communications device, such asa mobile communications device. Thus, a unique subscriber accountidentifier may be employed to signify and/or identify a particulartransacting party. In this context, the term “mobile communicationsdevice identity” and/or similar terms refer to an identity thatleverages a mobile communications device account relationship (alsoreferred to as a correspondence and/or association) of a subscriber as asource of authentication, authorization, and/or verification of atransacting party. Also in this context, the term “mobile subscriberdevice account” and/or similar terms refer to a mobile communicationservices provider account. The terms “mobile communications deviceservices provider,” “mobile communications device carrier,” and “mobilenetwork operator” may be used interchangeably. Furthermore, in thiscontext, the term “mobile device services carrier,” “telecommunicationservices carrier,” “services carrier,” or simply “carrier” may refer toan entity of a communications infrastructure that provides wired and/orwireless communication services to the general public for aconsideration, such as a monthly subscription fee.

In the context of the present disclosure, a “communication servicescarrier” may refer to a mobile communication services provider and/ormobile network operator. However, there are examples of carriers that donot correspond to mobile communications device services providers and/ormobile network operators. Such instances may include wireline servicesproviders (for example, providers of services operating within thepublic switched telephone network or PSTN), which include wirelineservices for rotary dial telephones and/or telephones utilizing, forexample, dual tone multi-frequency (DTMF) signaling. Accordingly, theterms “services carrier” or simply “carrier” may be used in place of acommunication services provider and/or wireline telephone servicesprovider without a loss in meaning and/or understanding. In a givensituation, particular context of usage should indicate if a term isbeing used in a general sense or in a narrower sense, such as referringto a mobile communications device services provider, wireline servicesprovider, mobile paging services provider, and/or mobile networkoperator, for example.

Other aspects of verifying and/or authenticating a mobile subscriber,such as by way of proving that a mobile subscriber is in possession of acommunications device, are also described in greater detail hereinbelow.For example, in an embodiment, verifying the identity of and/orauthenticating a transacting party may relate to a mobile account and/ora mobile subscriber. Further, a mobile subscriber account is one exampleof a type of subscriber account, especially in a networked electroniccommerce environment, although claimed subject matter is not intended tobe limited to online accounts or to mobile accounts. Rather, the term“account” or “subscriber account” in this context refers to a formalbusiness arrangement between an entity, a person, or other party seekingto engage in a transaction, and a provider of the account, so as toaccomplish a business purpose, for example. Thus, the term “account” isintended to be broadly interpreted as an arrangement that may providecertain privileges. In this context, privileges may involve access tocredit, so as to facilitate the purchase of goods or services, access toprivileged content, such as premium entertainment content (e.g., premiumsports, cinema, or other entertainment content). Also in this context,the term “privileged content” is intended to be interpreted broadly soas to encompass any type of content available exclusively to certainindividuals and/or certain entities in response to supplying certaincredentials. Also in this context the term “parameters” refers numericalor other measurable factors capable of defining a system and/or to setconditions for operation of a system. Thus, for example, a set ofparameters may include parameters stored via a non-transitory memorythat forms or defines, at least in part, an electronic representation ofthe state of a mobile subscriber.

Likewise, an account may comprise various attributes. In this context,the term “subscriber account identifier” refers to a unique descriptoror feature associated with the account that defines certain aspects ofthe account. For example, in nonlimiting illustrations, a subscriberaccount identifier may refer to (or may at least be associated with) amobile telephone number, a mobile subscriber unique alias, aninternational mobile subscriber identifier (IMSI), Integrated CircuitCard Identifier (ICC ID), a mobile services and/or other type ofidentifier (e.g., a unique identifier) employed in connection with theparticular mobile network operator or the mobile communication servicesprovider. Mobile communications networks may include those compatible orcompliant with a Global System for Mobile Communications (GSM)telecommunications network, for example. Other examples of mobilesubscriber account identifiers may include an International MobileEquipment Identifier (IMEI), Mobile Station International SubscriberDirectory Number (MSISDN), a mobile equipment identifier or any otheridentifier that may be utilized to identify a mobile billing accountnumber/identifier.

As discussed herein, a subscriber collocated with, or in possession of,a communications device may apply for an account, such as a creditaccount, for example, or may apply for any other type of account thatimparts or confers particular privileges on the subscriber collocated orin possession of the communications device. In other instances, asubscriber collocated with a mobile device may attempt to engage in afinancial transaction, for example, or may attempt to access privilegedinformation/privileged content, just to name a few examples. In manyinstances, to obtain privilege, such as access to credit, access toprivileged information (e.g., premium content streaming or otherentertainment) a mobile subscriber may be required to complete anapplication, such as an application for an account, an application forcredit, an application for an increase in credit, or may be required tomake another type of formal request, which involves the subscribersupplying subscriber-specific parameters. However, as previously alludedto, it may be advantageous for the subscriber, and for the institutionproviding privileges to the subscriber, for example, to verify or provethat, indeed, the subscriber is collocated with (or is in possession of)a particular communications device. By proving possession of aparticular communications device, an institution may reduce the risk ofa subscriber engaging in fraudulent behavior by impersonating aparticular mobile subscriber and/or by obtaining another subscriber'smobile phone, such as by theft or by any other type of unscrupulousbehavior.

Thus, in particular embodiments, proving possession of a communicationsdevice may reduce the likelihood of an unscrupulous individualcompleting a fraudulent financial transaction, such as transactionsinvolving credit applications, increases in credit lines, purchases,asset sales, access to premium content, or the obtaining of any othertype of privileges via fraud and/or deception. In particularembodiments, proving possession of a communications device may involveinitiating a browser session via the communications device, in which thedevice is directed to connect or establish contact with an identityverifier via a resource locator, such as a uniform resource locator(URL). During such a browser session, which may be initiated by asubscriber in possession of or collocated with a particularcommunications device, an application program, executing by way of aprocessor coupled to at least one memory of the communications device,may obtain or derive specific communications device parameters directly,and without user input, from memory elements within the device.Communications device parameters may comprise those accessed from asubscriber identity module (SIM), or from any other memory or parameterstorage location accessible by a processor of the communications device.In some instances, by way of obtaining parameters stored in a SIM of thecommunications device, for example, under the direction of a browserprogram operating on the device, an identity verifier can be assuredthat the subscriber operating the communications device is, indeed, inpossession of the particular communications device.

Responsive to an identity verifier having proved that an assumed orpurported subscriber is, indeed, in possession of a particularcommunications device, a financial institution, for example, may beconfident that a verified and/or authenticated individual is attemptingto engage in a transaction. Conversely, in response to an identityverifier determining that an assumed or purported subscriber is likelynot in possession of a particular communications device (or cannot beproven to be in possession of a particular communications device), afinancial institution, for example, may elect to terminate a financialtransaction, for example.

Further, an identity verifier may utilize parameters obtained from aspecific communications device to access one or more records relating tohistorical events with respect to the particular communications device.In particular embodiments, records relating to historical eventsrelative to the particular communications device may be indicative ofthe reputation of the communications device. Thus, responsive to anidentity verifier obtaining records relating to historical eventsrelevant to the particular communications device, the identity verifiermay report a measure of trust or trustworthiness with respect to aparticular communications device. In some instances, a financialinstitution, for example, may utilize measures of trust ortrustworthiness of a particular communications device to influencewhether particular transactions should be permitted to take place. Forexample, responsive to an identity verifier reporting a relatively lowmeasure of trust or trustworthiness of a communications device, afinancial institution may permit only low-value transactions (e.g., lessthan $100) to take place. In another example, responsive to an identityverifier reporting a relatively high measure of trust or trustworthinessof a particular communications device, a financial institution maypermit transactions of virtually any value to take place.

Thus, particular embodiments of claimed subject matter may allow afinancial institution to be assured that an unscrupulous individual, whomight be impersonating the owner of the particular communicationsdevice, for example, cannot complete a financial transaction. In manyinstances, precluding unscrupulous individuals from engaging infraudulent financial transactions, such as by way of the fraudulentimpersonation of a particular communications device account holder,operates to protect authentic account holders as well as financialinstitutions, content providers, healthcare institutions, and so forth.In addition, following an identity verifier verifying and/orauthenticating a particular subscriber, such as by way of determiningthat the subscriber is in possession of a specific communicationsdevice, particular embodiments of claimed subject matter may permit anidentity verifier to report to a financial institution, for example, ameasure of trust and/or trustworthiness of a particular communicationsdevice. By way of reporting trust and/or trustworthiness to a financialinstitution, certain types of transactions may be permitted to occurwhile other types of transactions may be disallowed. Preventingfraudulent transactions may bring about a reduction in instances ofidentity theft, fraud related to credit cards and/or other instruments,circumventing of parental controls, pirating of exclusive entertainmentcontent, and so forth.

In particular embodiments, a method of proving possession of acommunications device may proceed in response to a subscriber(purportedly or assumed to be in possession of the communicationsdevice) contacting a client server or other type of processing resourceunder the control and/or the direction of, for example, an institution(e.g., a financial institution, a healthcare provider, a contentprovider, etc.). Such contact may, at least in certain embodiments, bein response to a subscriber attempting to initiate a financialtransaction, initiate accessing of privileged content, etc. Inparticular embodiments, the client server, perhaps operating inaccordance with the business rules and/or business logic implemented bythe institution may facilitate and/or support identity verificationand/or authentication prior to permitting certain types of transactionsto occur. Accordingly, in response to the subscriber contacting theinstitution, the client server may communicate with an identityverifier, who may operate to prove that a particular subscriber is,indeed, in possession of a certain mobile communications device. Suchproof may enable the identity verifier to verify, authorize, and/oraudit the identity of the subscriber. As a part of a process toauthenticate, verify, and/or authorize a transaction involving thesubscriber, the client server of the institution may participate indirecting the communications device in the possession of the subscriberto establish a connection, such as via the Internet, with a website, forexample, under the control of an identity verifier. In turn, theidentity verifier may initiate a browser session directly with thecommunications device of the subscriber so as to facilitatesession-based communications between the identity verifier and thecommunications device. Following establishment of a browser sessionbetween the identity verifier and the communications device, theidentity verifier may direct the communications device to obtain, forexample, hardware parameters stored at memory locations within thecommunications device. In an embodiment, in response to receiving one ormore queries from the identity verifier, the communications device mayaccess a SIM (or other memory device) of the communications device todetermine or obtain specific device parameters. The specific deviceparameters may be encoded and forwarded to the identity verifier. Theidentity verifier may utilize such device-specific parameters determinedor obtained from the communications device so as to permit comparison ofthe device parameters with corresponding parameters stored in a datastore accessible to the identity verifier. Responsive to agreement or amatch between parameters from the communications device and parametersobtained from the data store, the identity verifier may prove theidentity of and/or authenticate the subscriber operating the particularcommunications device.

As previously noted, in particular embodiments, after verification ofthe identity of a particular communication services subscriber, anidentity verifier may access a data store to determine a reputation withrespect to a communications device. In particular embodiments, areputation with respect to a communications device may be negativelyimpacted (e.g., degraded) responsive to the communications device beingassociated with one or more risk events. Such risk events may include,but are not limited to, recent porting of a subscriber accountidentifier (e.g., a telephone number) associated with a communicationsdevice, recent replacement of a communications device, a recent requestof a one-time-password associated with a communications device,removal/replacement of a SIM of a communications device, as well as anynumber of additional risk events associated with the device. Inparticular embodiments, a reputation of a communications device may bepositively impacted (e.g., enhanced) responsive to the device havingnever been ported (or having not been ported for a prolonged period oftime), having never undergone removal/replacement of a SIM (or havingnot undergone such removal/replacement of a SIM for a prolonged periodof time), and so forth. It should be noted that claimed subject matteris intended to embrace risk events with respect to a communicationsdevice other than these, virtually without limitation.

In particular embodiments, a communications device subscriber seeking toengage in a financial transaction, for example, may access a financialinstitution, via a wireless connection between a communications devicecollocated with the subscriber, and a client server, for example, underthe control and/or direction of the financial institution. Followingestablishment of a communications link between the communications deviceand the client server, the device may transmit an indicator, such as anInternet protocol (IP) address, or, for example, an alphanumericcombination, that identifies a communication services carrier providingcommunication services to the device. In turn, the client server mayconvey the indicator received from the communications device to anidentity verifier. Responsive to receipt of the indicator indicating acommunication services carrier providing communication services to thedevice, and based, at least in part, on the content of the receivedindicator, the identity verifier may formulate and/or generate a sessionidentifier, which may comprise a one-time-use token. The sessionidentifier may be transmitted to the communications device via theclient server. In particular embodiments, the formulation and/orgeneration of a session identifier may be tailored to particular IPaddresses, or ranges of IP addresses, which may be indicative of aparticular carrier providing services to the communications device. Incertain other embodiments, formulation and/or generation of a sessionidentifier may be tailored in accordance with a particular servicecarrier as indicated by an alphanumeric combination (e.g., “XYZ”wireless services).

In particular embodiments, a session identifier may be arranged orpositioned within a resource locator, such as a URL, which may betransmitted to a communications device. Following receipt of the sessionidentifier by the communications device, the device may be directed orpointed to a location corresponding to the identity verifier. Theidentity verifier may then revoke the session identifier so as to ensurethat the session identifier cannot be reused, such as by a fraudulentactor who may attempt operate another communications device. Uponrevoking the session identifier, the identity verifier may initiate abrowser session with the communications device, which may involvegeneration of at least one additional session identifier comprising oneor more one-time-use tokens. During a browser session, an identifyverifier may transmit one or more an additional session identifiercomprising one or more additional one-time-use tokens to acommunications device. While a browser session is in progress, and underthe direction of, for example, an application program interface (API),the communications device may access or determine one or more storedparameters from a SIM (or other memory location) internal to thecommunications device. Alternatively, or in addition to, an API mayderive communications device-specific from memory devices within, orunder the control of, the communications device.

Such parameters may then be transmitted to the identity verifier duringthe browser session. In particular embodiments, by way of an identityverifier receiving one or more stored parameters from a SIM of thecommunications device, the identity verifier can have relatively highconfidence, or actual proof, that the subscriber is, indeed, inpossession of a particular communications device. Accordingly, theidentity verifier can be assured that a trustworthy, verified, and/orauthenticated account holder is attempting to engage in a transaction,such as a financial transaction, rather than an unscrupulous individualattempting to engage in a fraudulent transaction. Following transmissionof one or more stored parameters from a SIM of the communicationsdevice, and following verification and/or authentication, thecommunications device may be directed back to the client server of thefinancial institution.

Although the discussion that follows relates to any type of account, innonlimiting illustrations, accounts corresponding to communicationsdevices may be used for illustration. However, it is understood thatclaimed subject matter is intended to not be limited to examplesprovided primarily for purposes of illustration, since such examples maybe oversimplified for purposes of comprehension, for example.

As previously alluded to, in particular instances, a mobile subscribermay attempt to access a bank account via a voice call, a web browser, orby utilizing a computer process executing by way of a processor coupledto at least one memory of a communications device, for example, whichmay permit the mobile subscriber to engage in a financial transaction.Hence, a bank, lender, brokerage firm, or any other type of financialinstitution, in response to an attempt to access the bank account, mayemploy an application programming interface (API) substantiallycompatible and/or substantially compliant with HTTP and/or HTTPS,including versions now known and/or to be later developed, and/oranother suitable protocol (e.g., now known and/or to later bedeveloped). In such examples, a user may seek to take one or moreactions with respect to an account, such as, for example, establishingan account, updating a credit value (e.g., credit limit) for an account,transferring funds, viewing a history of electronic or digitaltransactions, updating privileged content and/or parameters, etc.

In FIG. 1 (embodiment 100) communications device 102 may transmit radiosignals to, and receive radio signals from, a wireless communicationsnetwork. In an example, communications device 102 may communicate with acellular communications network by transmitting wireless signals to,and/or receiving wireless signals from, a cellular transceiver 110,which may comprise a wireless base transceiver subsystem (BTS), a Node Bor an evolved NodeB (eNodeB), over wireless communication link 123.Similarly, communications device 102 may transmit wireless signals to,and/or receive wireless signals from, local transceiver 115 overwireless communication link 125. A local transceiver 115 may comprise anaccess point (AP), femtocell, Home Base Station, small cell basestation, Home Node B (HNB) or Home eNodeB (HeNB) and may provide accessto a wireless local area network (WLAN, e.g., IEEE 802.11 network), awireless personal area network (WPAN, e.g., Bluetooth® network) or acellular network (e.g. an LTE network or other wireless wide areanetwork, such as those discussed herein). Of course, it should beunderstood that these are merely examples of networks that maycommunicate with a mobile device over a wireless link, and claimedsubject matter is not limited in this respect. In particularembodiments, cellular transceiver 110, local transceiver 115, satellite114, and PSTN 150 represent touchpoints, which permit communicationsdevice 102 to interact with network 130.

Examples of network technologies that may support wireless communicationlink 123 are GSM, Code Division Multiple Access (CDMA), Wideband CDMA(WCDMA), Long Term Evolution LTE), High Rate Packet Data (HRPD). GSM,WCDMA and LTE are technologies defined by 3GPP. CDMA and HRPD aretechnologies defined by the 3^(rd) Generation Partnership Project 2(3GPP2). WCDMA is also part of the Universal Mobile TelecommunicationsSystem (UMTS) and may be supported by an HNB. Cellular transceivers 110may comprise deployments of equipment providing subscriber access to awireless telecommunication network for a service (e.g., under a servicecontract). In the embodiment of FIG. 1 , a cellular transceiver 110 mayperform functions of a cellular base station in servicing subscriberdevices within a cell determined based, at least in part, on a range atwhich the cellular transceiver 110 is capable of providing accessservice. Examples of radio technologies that may support wirelesscommunication link 125 are IEEE 802.11, BT and LTE.

In a particular implementation, cellular transceiver 110 and localtransceiver 115 may communicate with server 140, such as by way ofnetwork 130 via communication links 145. Here, network 130 may compriseany combination of wired or wireless links and may include cellulartransceiver 110 and/or local transceiver 115 and/or server 140. In aparticular implementation, network 130 may comprise Internet Protocol(IP) or other infrastructure capable of facilitating communicationbetween communications device 102 at a call source and server 140through local transceiver 115 or cellular transceiver 110. In anembodiment, network 130 may also facilitate communication betweencommunications device 102, server 140 and a PSTN 150, for examplethrough communications link 160. In another implementation, network 130may comprise a cellular communication network infrastructure such as,for example, a base station controller or packet based or circuit basedswitching center (not shown) to facilitate mobile cellular communicationwith communications device 102. In a particular implementation, network130 may comprise local area network (LAN) elements such as WiFi APs,routers and bridges and may, in such an instance, comprise links togateway elements that provide access to wide area networks such as theInternet. In other implementations, network 130 may comprise a LAN andmay or may not involve access to a wide area network but may not provideany such access (if supported) to communications device 102. In someimplementations, network 130 may comprise multiple networks (e.g., oneor more wireless networks and/or the Internet). In one implementation,network 130 may include one or more serving gateways or Packet DataNetwork gateways. In addition, one or more of server 140 may comprise anE-SMLC, a Secure User Plane Location (SUPL) Location Platform (SLP), aSUPL Location Center (SLC), a SUPL Positioning Center (SPC), a PositionDetermining Entity (PDE) and/or a gateway mobile location center (GMLC),each of which may connect to one or more location retrieval functions(LRFs) and/or mobility management entities (MMEs) of network 130.

In particular embodiments, communications between communications device102 and cellular transmitter 110, satellite 114, local transceiver 115,and so forth may occur utilizing signals communicated across wirelesscommunications channels. Accordingly, the term “signal” may refer tocommunications utilizing propagation of electromagnetic waves acrosswireless communications channels. Signals may be modulated to conveymessages utilizing one or more techniques such as amplitude modulation,frequency modulation, binary phase shift keying (BPSK), quaternary phaseshift keying (QPSK) along with numerous other modulation techniques, andclaimed subject matter is not limited in this respect. Accordingly, asused herein, the term “messages” refers to parameters, such as binarysignal states, which may be encoded in a signal using one or more of theabove-identified modulation techniques.

In particular implementations, and as discussed below, communicationsdevice 102 may comprise circuitry and processing resources capable ofobtaining location related measurements (e.g. for signals received fromGPS or other Satellite Positioning System (SPS) satellites 114),cellular transceiver 110 or local transceiver 115 and possibly computinga position fix or estimated location of communications device 102 basedon these location related measurements. In some implementations,location related measurements obtained by communications device 102 maybe transferred to a location server such as an enhanced serving mobilelocation center (E-SMLC) or SUPL location platform (SLP) (e.g. which maycomprise a server, such as server 140) after which the location servermay estimate or determine an estimated location for communicationsdevice 102 based on the measurements. In the presently illustratedexample, location related measurements obtained by communications device102 may include measurements of signals (124) received from satellitesbelonging to an SPS or Global Navigation Satellite System (GNSS) such asGPS, GLONASS, Galileo or Beidou and/or may include measurements ofsignals (such as 123 and/or 125) received from terrestrial transmittersfixed at known locations (e.g., such as cellular transceiver 110).

Communications device 102 or a separate location server may obtain alocation estimate for communications device 102 based on locationrelated measurements using any one of several position methods such as,for example, GNSS, Assisted GNSS (A-GNSS), Advanced Forward LinkTrilateration (AFLT), Observed Time Difference Of Arrival (OTDOA) orEnhanced Cell ID (E-CID) or combinations thereof. In some of thesetechniques (e.g. A-GNSS, AFLT and OTDOA), pseudoranges or timingdifferences may be measured at communications device 102 relative tothree or more terrestrial transmitters fixed at known locations orrelative to four or more satellites with accurately known orbital data,or combinations thereof, based at least in part, on pilots, positioningreference signals (PRS) or other positioning related signals transmittedby the transmitters or satellites and received at communications device102. Here, server 140 may be capable of providing positioning assistancedata to communications device 102 including, for example, informationregarding signals to be measured (e.g., signal timing), locations andidentities of terrestrial transmitters and/or signal, timing and orbitalinformation for GNSS satellites to facilitate positioning techniquessuch as A-GNSS, AFLT, OTDOA and E-CID. For example, server 140 maycomprise an almanac to indicate locations and identities of cellulartransceivers and/or local transceivers in a particular region or regionssuch as a particular venue, and may provide information descriptive ofsignals transmitted by a cellular base station or AP such astransmission power and signal timing. In the case of E-CID,communications device 102 may obtain measurements of signal strengthsfor signals received from cellular transceiver 110 and/or localtransceiver 115 and/or may obtain a round trip signal propagation time(RTT) between communications device 102 and a cellular transceiver 110or local transceiver 115. A communications device 102 may use thesemeasurements together with assistance data (e.g. terrestrial almanacdata or GNSS satellite data such as GNSS Almanac and/or GNSS Ephemerisinformation) received from server 140 to determine a location estimatefor communications device 102 or may transfer the measurements to server140 to perform the same determination. A call from communications device102 may be routed, based on the location of communications device 102,and connected to PSTN 150, for example, via wireless communication link123 and communications link 160.

A mobile device at a call source (e.g., communications device 102 ofFIG. 1 ) may be referred to by any name corresponding to a cellphone,smartphone, laptop, tablet, PDA, tracking device or some other portableor movable device. Typically, though not necessarily, a mobile devicemay support wireless communication such as using GSM, WCDMA, LTE, CDMA,HRPD, WiFi, BT, WiMax, etc. A mobile device may also support wirelesscommunication using a wireless LAN (WLAN), DSL or packet cable forexample. A mobile device may comprise a single entity or may comprisemultiple entities such as in a personal area network where a user mayemploy audio, video and/or data I/O devices and/or body sensors and aseparate wireline or wireless modem. An estimate of a location of amobile device (e.g., communications device 102) may be referred to as alocation, location estimate, location fix, fix, position, positionestimate or position fix, and may be geographic, thus providing locationcoordinates for the mobile device (e.g., latitude and longitude) whichmay or may not include an altitude component (e.g., height above sealevel, height above or depth below ground level, floor level or basementlevel).

The architecture of the cellular communications network described inrelation to FIG. 1 may comprise a generic architecture that is capableof accommodating a variety of outdoor and indoor location solutionsincluding the standard SUPL user plane location solution defined by theOpen Mobile Alliance (OMA) and standard control plane location solutionsdefined by 3GPP and 3GPP2. For example, server 140 may function as (i) aSUPL location platform to support the SUPL location solution, (ii) anE-SMLC to support the 3GPP control plane location solution with LTEaccess on wireless communication link 123 or 125, or (iii) a StandaloneServing Mobile Location Center (SAS) to support the 3GPP Control PlaneLocation solution for UMTS.

In view of the communications infrastructure shown and described inreference to FIG. 1 , more particular embodiments directed towardreducing the risk of fraud and deception involving a subscriber accountidentifier that corresponds to the subscriber's communications deviceare discussed hereinbelow. Thus, FIG. 2 shows a subscriber in possessionof a communications device to permit interaction with a client serverand an identity verifier, according to an embodiment 200. In theembodiment of FIG. 2 , mobile subscriber 205 may be located at any pointwithin communications range of cellular transceiver 110. As shown inFIG. 2 , communications device 102 may communicate with client server225 via network 130 wirelessly coupled to cellular transceiver 110. Itshould be noted, however, that claimed subject matter is not limitedexclusively to wireless communications between device 102 and cellulartransceiver 110. For example, in particular embodiments, communicationsdevice 102 may communicate with client server 225 by way of one or moreintervening Wi-Fi or wireline telephone services (e.g., the publicswitched telephone network).

Subscriber 205 may attempt to engage in a financial transaction viaclient server 225, which may signify a bank (or other type of financialinstitution), a healthcare provider, a content provider, or any othertype of entity that may, at least from time to time, requireverification, authentication, and/or auditing of subscriber 205 prior topermitting a transaction to take place. Accordingly, subscriber 205 mayinitiate a transaction involving client server 225 utilizing, forexample, communications device 102. In the embodiment of FIG. 2 ,subscriber 205 may establish a browser session, such as a browsersession utilizing a mobile Internet service provider, with client server225. During such a browser session, communications device 102 maytransmit, convey, or otherwise signal an intent to engage in atransaction, such as a financial transaction, via client server 225.Alternatively, in particular embodiments, communications device 102 maysignal an intent to engage in a transaction outside of a browsersession, such as by pushing one or more messages (e.g., via shortmessaging system or SMS messages) to client server 225, without clientserver 225 initiating one or more requests to be answered bycommunications device 102.

Responsive to client server 225 receiving, for example, a transmissionsignaling an intent of subscriber 205 to initiate a transaction, clientserver 225 may communicate with identity verifier 228. Identity verifier228 may operate to verify, authenticate, and/or audit subscriber 205 soas to determine a reputation of communications device. Thus, identityverifier may utilize parameters obtained from communications device 102to access one or more records relating to historical events relevant todevice 102. Accordingly, identity verifier 228 may access devicedatabase 230 to obtain account information comprising the name, address,phone number, and other parameters of subscriber 205. Identity verifier228 may additionally obtain historical records of deterministic eventswith respect to communications device 102. In some embodiments, identityverifier 228 may access device database 230 so as to permit computing atrustworthiness score or other measure of trustworthiness, with respectto communications device 102. A trustworthiness score or trustworthinessmeasure may be based, at least in part, on historical records relatingto instances of reassignment or porting of subscriber accountidentifiers (e.g., a telephone number) from a first communicationservices carrier to a second communication services carrier. Atrustworthiness score or trustworthiness measure may be based, at leastin part, on tenure of communications device 102, which may relate to aperiod of time subscriber 205 has owned, leased, or utilized services ofa carrier to provide communication services to device 102. Atrustworthiness score or trustworthiness measure may be based, at leastin part, on whether device 102 has undergone a SIM removal/replacement.A trustworthiness score or trustworthiness measure may be based, atleast in part, on whether device 102 has undergone a password orpersonal identification number reset, such as via a one-time password,for example. It should be noted that claimed subject matter is intendedto embrace additional contributors to a trustworthiness score ortrustworthiness measure, virtually without limitation.

As shown in FIG. 2 , communications device 102 may transmit an indicatorto client server 225, which may operate to identify a communicationservices carrier providing services to device 102. Responsive to receiptof an indicator from communications device 102, client server 225 maydetermine that communications device 102 is associated with a particularcommunication services carrier. In particular embodiments,communications device 102 may transmit an IP address, such as an IPv4address, IPv6 address, a media access control (MAC) address, or anyother type of indicator that identifies a logical address ofcommunications device 102. Responsive to receiving an indicator fromcommunications device 102, client server 225 may forward the indicatorto identity verifier 228. Following receipt of the indicator from clientserver 225, identity verifier 228 may utilize the indicator to generatea resource locator, which may be tailored to the logical location ofcommunications device 102. For example, responsive to an indicator fromcommunications device 102 indicating an IP address within a particularrange of IP addresses, identity verifier 228 may determine that device102 is currently operating on a cellular communications networkcorresponding to carrier “A.” Hence, identity verifier 228 may generatea tailored session identifier for transmission to communications device102. In another example, responsive to an indicator from device 102indicating an IP address within a different range of IP addresses,identity verifier 102 may determine that device 102 is currentlyoperating on a cellular communications network corresponding to carrier“B.” Identity verifier 228 may thus generate a differently-tailoredsession identifier for transmission to communications device 102. Insome instances, such variations in the tailoring of a session identifiermay involve placement of certain fields and/or parameters within aresource locator, such as a URL, transmitted to communications device102. In other instances, such variations in session identifiers mayinvolve types of fields, number of characters in a field, types ofcharacters in a field, or may include any other variations in tailoredsession identifiers, and claimed subject matter is not limited in thisrespect.

In another embodiment, an indicator transmitted from communicationsdevice 102 to client server 225 may comprise, for example, analphanumeric combination, which may directly indicate a particularcommunication services carrier. Responsive to receipt of an alphanumericcombination, identity verifier 228 may determine that device 102 iscurrently operating on a cellular communications network correspondingto carrier “XYZ,” for example. Identity verifier 228 may thus prepare atailored session identifier for transmission to communications device102. For example, responsive to receipt of an alphanumeric combinationindicating that device 102 is currently operating on a cellularcommunications network corresponding to carrier “ABC,” identity verifier228 may prepare a tailored session identifier for transmission tocommunications device 102. In another example, responsive to receipt ofan alphanumeric combination from device 102, indicating that device 102is currently operating on a cellular communications networkcorresponding to carrier “XYZ,” identity verifier 228 may prepare adifferently-tailored session identifier for transmission tocommunications device 102. Similar to that described above, in someinstances, such variations in formulation of a session identifier mayinvolve positioning of certain fields and/or parameters within aresource locator, such as a URL, transmitted to communications device102. In other instances, such variations in formulation of a sessionidentifier may involve the types of fields, number of characters in afield, types of characters in a field, or may include any othervariations in generation of a session identifier, and claimed subjectmatter is not limited in this respect.

Responsive to receipt of a session identifier from identity verifier228, which may be forwarded to communications device 102, by way ofclient server 225, network 130, and cellular transceiver 110, device 102may be directed to a website under the control of identity verifier 228.Hence, communications device 102 may initiate a web browser, forexample, utilizing a resource locator comprising the session identifierreceived from identity verifier 228. Following establishment of aconnection, such as a mobile wireless Internet connection, betweencommunications device 102 and identity verifier 228, the identityverifier may revoke the session identifier so as to preclude further useof the identifier. It may be appreciated that such revocation of thesession identifier may prevent an unscrupulous individual fromattempting to reuse a previously issued session identifier for thepurposes of engaging in a fraudulent transaction utilizing identityverifier 228. In particular embodiments, in response to receipt of apreviously revoked session identifier, identity verifier 228 mayimmediately recognize the occurrence of a potentially fraudulenttransaction, which may result in identity verifier 228 refraining fromfurther communication with a communications device.

In the embodiment of FIG. 2 , following revocation of the sessionidentifier conveyed from identity verifier 228 to communications device102 (via client server 225, network 130, and cellular transceiver 110)identity verifier 228 may initiate a browser based communication sessiondirectly with communications device 102. Identity verifier 228 maytransmit an additional session identifier, which may comprise one ormore one-time-use tokens, to communications device 102. Identityverifier 228 may then, at least temporarily, suspend interaction withclient server 225. During a browser session, identity verifier 228 maydirect communications device 102 to access or determine the contents ofone or more memory locations internal to communications device 102 andtransmit one or more device-specific identifiers. In an embodiment,device-specific identifiers may be unique to a particular communicationsdevice 102, such as comprising, an International Mobile SubscriberIdentifier (IMSI), an International Mobile Electronic Identifier (IMEI),or a Mobile Station International Subscriber Directory Number (MSISDN),an Integrated Circuit Card Identifier (ICC ID), or any combinationthereof.

Following receipt of one or more identifiers accessed from locationsinternal to communications device 102, identity verifier 228 may comparereceived identifiers with one or more stored identifiers by way ofaccessing device database 230. In response to determining thatdevice-specific parameters obtained from communications device 102 matchcorresponding parameters stored in device database 230, identityverifier 228 may verify and/or authenticate subscriber 205 collocatedwith communications device 102. Conversely, in response to determiningthat device-specific parameters obtained from communications device 102do not match corresponding parameters stored in device database 230,identity verifier 228 may determine that subscriber 205 cannot beverified and/or authenticated. Identity verifier 228 may additionallyindicate that a particular transaction, such as a transaction recentlyinitiated utilizing communications device 102, may be fraudulent.

Following identity verifier 228 successfully verifying the identity ofsubscriber 205, or, in contrast, following identity verifier 228unsuccessfully verifying the identity of subscriber 205, identityverifier 228 may instruct communications device 102 to reestablishcontact with client server 225. In turn, communications device 102 mayreestablish contact with client server 225 and provide a second uniqueidentifier, such as an additional session identifier, to client server225. In response to communications device 102 providing, for example, asecond identifier to client server 225, the client server may query orotherwise communicate with identity verifier 228 in regards to anidentity verification determination made by identity verifier 228 withrespect to communications device 102. Accordingly, by supplying a secondidentifier to client server 225, the client server may forward thesecond identifier to identity verifier 228. Identity verifier 228 mayutilize the second identifier to present identity verification resultsto client server 225. In turn, client server 225 may determine whetherto proceed with the transaction initiated by subscriber 205 and/orwhether to terminate such transaction. Accordingly, it may beappreciated that communications device 102 providing a second identifierto client server 225 may operate to provide an indication to identityverifier 228 of a particular transaction for which client server 225 isinquiring. Upon presenting the identifier to identity verifier 228, theidentity verifier may provide results of an identity verificationprocess involving communications device 102.

In particular embodiments, after successfully proving that a subscriberis in possession of a particular communications device, identityverifier 228 may access database 230 to determine whether particulardeterministic events have occurred with respect to communications device102. As previously noted, such deterministic events may include, but arenot limited to, recent porting of a subscriber account identifier (e.g.,a telephone number) associated with communications device 102, recentreplacement of a communications device, a recent request of aone-time-password associated with communications device 102,removal/replacement of a SIM of communications device 102, as well asany number of additional risk events associated with communicationsdevice 102. Responsive to determining whether such risk events haveoccurred and, perhaps, a frequency of occurrence of one or more riskevents, identity verifier 228 may provide client server 225 with atrustworthiness score or trustworthiness measure. In accordance withbusiness rules and/or business logic implemented by an institutiondirecting the operations of client server 225, the transaction initiatedby subscriber 205 may be allowed, or may be suspended until furtherparameters regarding mobile device 102 and/or subscriber 205 can begathered, or may be disallowed entirely.

FIG. 3 is a diagram showing message flow between a communicationsdevice, a client server, and an identity verifier, according to anembodiment 300. In the embodiment of FIG. 3 , a subscriber, such assubscriber 205 of FIG. 2 , may be in possession of and/or be collocatedwith a communications device, such as communications device 102. Asubscriber may wish to engage in a transaction, such as a financialtransaction, a transaction to obtain privileged content (e.g.,healthcare records, premium entertainment, etc.), utilizing acommunications device. Thus, as shown in FIG. 3 , a communicationsdevice may establish contact with a client server, such as client server225, operating under the control and/or direction of, for example, afinancial institution. In a manner similar to that of FIG. 2 , acommunications device may, such as in 305, transmit an indicator, suchas an IP address, an alphanumeric combination, or any other type ofsignal that identifies or associates a communications device as beingserved or provisioned by a particular communication services carrier. Inparticular embodiments, an indicator may comprise an IP address, a MediaAccess Control (MAC) address, or an alphanumeric combination which maydirectly identify a carrier providing communication services. In theembodiment of FIG. 3 , a communications device may establish a browsersession with a client server, such as a browser session utilizing amobile Internet service provider, or may operate without establishing abrowser session with a client server. In either of these instances (orin a variety of other instances), responsive to an attempt by asubscriber to engage in a transaction, a client server may establishcontact with an identity verifier, such as identity verifier 228 of FIG.2 , so as to obtain identity verification and/or authorization of asubscriber operating, or at least collocated with, a communicationsdevice. Responsive to establishing contact with an identity verifier, aclient server may transmit, at 310, the indicator to an identityverifier.

Following receipt of an indicator from a client server, an identityverifier may generate a resource locator, such as a URL, which may betailored to an indicator provided by a communications device. A resourcelocator may be returned to a client server, such as at 315. A clientserver may, in turn, transmit a resource locator to a communicationsdevice, such as at 320. A resource locator may include a sessionidentifier formulated or generated by an identity verifier. Responsiveto receipt of a resource locator, a communications device may establisha session directly with an identity verifier, such as at 325, utilizinga resource locator. The resource locator may correspond to the resourcelocator transmitted to the communications device, as in 320.

Following receipt of a session identifier from a communications device,an identity verifier may revoke or otherwise prevent reuse of a sessionidentifier, such as at 330. In embodiments, revocation of a sessionidentifier may ensure that an impersonator, such as an unscrupulousindividual attempting to impersonate an owner of a particularcommunications device, is not able to engage in a potentially fraudulenttransaction utilizing the session identifier at another time. Followingrevocation of a session identifier, an identity verifier may establish abrowser session with a communications device, such as at 335.Establishing a browser session with a communications device may involvegeneration of at least one additional session identifier comprising oneor more one-time-use tokens. During a browser session, perhaps, underthe direction of an application program, for example, operating on acommunications device, the communications device may access one or moredevice-specific identifiers stored in a memory of a communicationsdevice, such as an IMSI, an IMEI, an MSISDN, an ICC ID, or anycombination thereof, such as at 340. At 345, one or more device-specificidentifiers may be transmitted to an identity verifier. At 350, anidentity verifier may verify and/or authenticate a communications devicebased, at least in part, on device-specific identifiers transmitted froma communications device, such as at 345. At 355, an identity verifiermay redirect a communications device to reestablish communications witha client server. Also at 355, an identity verifier may instruct thecommunications device to present a second identifier to a client server.At 360, the communications device may present the second identifier to aclient server which, in turn, may present the second identifier to anidentity verifier, such as at 365. By presenting a second identifier toan identity verifier, a client server may receive any results ofidentity verification and/or authentication performed by an identityverifier for a particular device.

FIG. 4 shows a communications device accessing device-specificparameters from a SIM, according to an embodiment 400. In the embodimentof FIG. 4 , communications device 102, while executing a browsersession, may access device-specific parameters stored within memorylocations of the device for transmittal to an identity verifier.

FIG. 5 shows a process of proving possession of a communications devicevia a directed connection to an identity verifier, according to anembodiment 500. It should be noted that the disclosed embodiments, suchas the embodiment of FIG. 5 , are intended to embrace numerousvariations, including methods that may include actions in addition tothose depicted in the figures, actions performed in an order differentthan those depicted in the figures, as well as methods including fewersteps than those depicted. The method of FIG. 5 begins at 505, whichincludes a communications device transmitting an indicator (e.g., an IPaddress, a MAC address, an alphanumeric combination, etc.) to a clientserver. An indicator may be utilized to identify a specificcommunications device to a communication services carrier providingservices to the communications device. The client server may beoperating under the control of an institution, such as a financialinstitution, for example. The method may continue at 510, which includesan identity verifier receiving the indicator indicating thecommunication services carrier providing services to the communicationsdevice.

At 515, an identity verifier may generate a tailored session identifierbased, at least in part, on an indicator received from a communicationsdevice via a client server. In particular embodiments, a sessionidentifier may be embedded or otherwise arranged within a resourcelocator (e.g., a URL). In addition, at 515, the session identifier maybe transmitted to a communications device via a client server.Transmission of the session identifier may involve forwarding of thesession identifier from the client server through a communicationsnetwork (e.g., a mobile cellular communications network) to be receivedby the communications device, such as at 520. At 525, in response toreceiving a session identifier, a communications device may be directedto establish communications with an identity verifier. In establishing adirect connection, a communications device may utilize a URL embeddedwithin the session identifier. At 530, in response to receiving thesession identifier via a direct connection with the communicationsdevice, an identity verifier may revoke the session identifier so as toprevent an unscrupulous individual, for example, from reusing theidentifier to conduct a potentially fraudulent transaction.

At 535, an identity verifier may establish a browser session with thecommunications device. At 535, an identity verifier may transmit anadditional session identifier, which may comprise one or moreone-time-use tokens, to a communications device. At 540, under thecontrol of a browser program executing on a communications device, thedevice may access or determine one or more device-specific identifiers,such as an IMSI, an IMEI, an MSISDN, an ICC ID, or any combinationthereof. In particular embodiments, a browser program may direct aprocessor of the communications device to query one or more memorylocations internal to the device to obtain device-specific identifiers.In particular embodiments, memory locations may correspond to memoryaddresses of a SIM that has been inserted into the communicationsdevice. At 545, the communications device may transmit the one or moredevice-specific identifiers to an identity verifier. At 550, an identityverifier may verify/authenticate a particular subscriber operating thecommunications device. Such verification/authentication of thesubscriber operating the communications device may be based, at least inpart, on proving that the particular subscriber is in possession of, orat least collocated with, the communications device. At 555, an identityverifier may provide a second identifier to the communications deviceand redirect the communications device to reestablish communicationswith a client server, such as the client/server referenced in relationto 505. At 560, following reestablishing communications with the clientserver, the communications device may provide the second identifier tothe client server. By way of providing the second identifier to theclient server, the client server may present the identifier to theidentity verifier. In turn, the identity verifier may provide results ofany verification/authentication activities involving the particularcommunications device.

FIG. 6 is a diagram showing a computing environment, according to anembodiment 600. In the embodiment of FIG. 6 , first and third devices602 and 606 may be capable of rendering a graphical user interface (GUI)for a network device, such as server device 140 of FIG. 1 , so that asubscriber utilizing a communications device (e.g., a mobilecommunications device) may engage in system use. Device 604 maypotentially serve a similar function in this illustration. Likewise, inFIG. 6 , computing device 602 (‘first device’ in FIG. 6 ) may interfacewith computing device 604 (‘second device’ in FIG. 6 ), which may, forexample, also comprise features of a client computing device and/or aserver computing device, in an embodiment. Processor (e.g., processingdevice) 620 and memory 622, which may comprise primary memory 624 andsecondary memory 626, may communicate by way of a communicationinterface 630, for example. The term “computing device,” in the contextof the present patent application, refers to a system and/or a device,such as a computing apparatus, that includes a capability to process(e.g., perform computations) and/or store digital content, such aselectronic files, electronic documents, measurements, text, images,video, audio, etc. in the form of signals and/or states. Thus, acomputing device, in the context of the present patent application, maycomprise hardware, software, firmware, or any combination thereof (otherthan software per se). Computing device 604, as depicted in FIG. 6 , ismerely one example, and claimed subject matter is not limited in scopeto this particular example.

In FIG. 6 , computing device 602 may provide one or more sources ofexecutable computer instructions in the form of physical states and/orsignals (e.g., stored in memory states), for example. Computing device602 may communicate with computing device 604 by way of a networkconnection, such as via network 608, for example. As previouslymentioned, a connection, while physical, may be virtual while notnecessarily being tangible. Although computing device 604 of FIG. 6shows various tangible, physical components, claimed subject matter isnot limited to a computing devices having only these tangible componentsas other implementations and/or embodiments may include alternativearrangements that may comprise additional tangible components or fewertangible components, for example, that function differently whileachieving similar results. Rather, examples are provided merely asillustrations. It is not intended that claimed subject matter be limitedin scope to illustrative examples.

Memory 622 may comprise any non-transitory storage mechanism. Memory 622may comprise, for example, primary memory 624 and secondary memory 626,additional memory circuits, mechanisms, or combinations thereof may beused. Memory 622 may comprise, for example, random access memory, readonly memory, etc., such as in the form of one or more storage devicesand/or systems, such as, for example, a disk drive including an opticaldisc drive, a tape drive, a solid-state memory drive, etc., just to namea few examples.

Memory 622 may comprise one or more articles utilized to store a programof executable computer instructions. For example, processor 620 mayfetch executable instructions from memory and proceed to execute thefetched instructions. Memory 622 may also comprise a memory controllerfor accessing device readable-medium 640 that may carry and/or makeaccessible digital content, which may include code, and/or instructions,for example, executable by processor 620 and/or some other device, suchas a controller, as one example, capable of executing computerinstructions, for example. Under direction of processor 620, anon-transitory memory, such as memory cells storing physical states(e.g., memory states), comprising, for example, a program of executablecomputer instructions, may be executed by processor 620 and able togenerate signals to be communicated via a network, for example, aspreviously described. Generated signals may also be stored in memory,also previously suggested.

Memory 622 may store electronic files and/or electronic documents, suchas relating to one or more users, and may also comprise amachine-readable medium that may carry and/or make accessible content,including code and/or instructions, for example, executable by processor620 and/or some other device, such as a controller, as one example,capable of executing computer instructions, for example. As previouslymentioned, the term electronic file and/or the term electronic documentare used throughout this document to refer to a set of stored memorystates and/or a set of physical signals associated in a manner so as tothereby form an electronic file and/or an electronic document. That is,it is not meant to implicitly reference a particular syntax, formatand/or approach used, for example, with respect to a set of associatedmemory states and/or a set of associated physical signals. It is furthernoted an association of memory states, for example, may be in a logicalsense and not necessarily in a tangible, physical sense. Thus, althoughsignal and/or state components of an electronic file and/or electronicdocument, are to be associated logically, storage thereof, for example,may reside in one or more different places in a tangible, physicalmemory, in an embodiment.

Algorithmic descriptions and/or symbolic representations are examples oftechniques used by those of ordinary skill in the signal processingand/or related arts to convey the substance of their work to othersskilled in the art. An algorithm is, in the context of the presentpatent application, and generally, is considered to be a self-consistentsequence of operations and/or similar signal processing leading to adesired result. In the context of the present patent application,operations and/or processing involve physical manipulation of physicalquantities. Typically, although not necessarily, such quantities maytake the form of electrical and/or magnetic signals and/or statescapable of being stored, transferred, combined, compared, processedand/or otherwise manipulated, for example, as electronic signals and/orstates making up components of various forms of digital content, such assignal measurements, text, images, video, audio, etc.

Processor 620 may comprise one or more circuits, such as digitalcircuits, to perform at least a portion of a computing procedure and/orprocess. By way of example, but not limitation, processor 620 maycomprise one or more processors, such as controllers, micro-processors,micro-controllers, application specific integrated circuits, digitalsignal processors, programmable logic devices, field programmable gatearrays, the like, or any combination thereof. In various implementationsand/or embodiments, processor 620 may perform signal processing,typically substantially in accordance with fetched executable computerinstructions, such as to manipulate signals and/or states, to constructsignals and/or states, etc., with signals and/or states generated insuch a manner to be communicated and/or stored in memory, for example.

FIG. 6 also illustrates device 604 as including a component 632 operablewith input/output devices, and communication bus 615, for example, sothat signals and/or states may be appropriately communicated betweendevices, such as device 604 and an input device and/or device 604 and anoutput device. A user may make use of an input device, such as acomputer mouse, stylus, track ball, keyboard, and/or any other similardevice capable of receiving user actions and/or motions as inputsignals. Likewise, for a device having speech to text capability, a usermay speak to generate input signals. Likewise, a user may make use of anoutput device, such as a display, a printer, etc., and/or any otherdevice capable of providing signals and/or generating stimuli for auser, such as visual stimuli, audio stimuli and/or other similarstimuli.

FIG. 7 is a flowchart for a process of proving possession of acommunications device, according to an embodiment (700). The method ofFIG. 7 begins at 710, which comprises receiving, from a client server,an indicator identifying a communication services carrier servicing thecommunications device. The method may continue at 715, which includesgenerating a session identifier and a resource locator to be used by thecommunications device to establish a directed connection with anidentity verifier at and address corresponding to the resource locator.The resource locator may be determined based, at least in part, on theindicator received from the client server. The method may continue at720, which includes transmitting the session identifier and/or theresource locator to the communications device via the client server. At725, the method may continue with receiving, from the client server viathe communication services carrier, one or more identifiers of thecommunications device based, at least in part, on the session identifierand the resource locator, the one or more identifiers to be determined,at least in part, from content stored within, or data derived from,memory of the communications device.

In the context of the present patent application, the term “connection,”the term “component” and/or similar terms are intended to be physical,but are not necessarily always tangible. Whether or not these termsrefer to tangible subject matter, thus, may vary in a particular contextof usage. As an example, a tangible connection and/or tangibleconnection path may be made, such as by a tangible, electricalconnection, such as an electrically conductive path comprising metal orother conductor, that is able to conduct electrical current between twotangible components. Likewise, a tangible connection path may be atleast partially affected and/or controlled, such that, as is typical, atangible connection path may be open or closed, at times resulting frominfluence of one or more externally derived signals, such as externalcurrents and/or voltages, such as for an electrical switch. Non-limitingillustrations of an electrical switch include a transistor, a diode,etc. However, a “connection” and/or “component,” in a particular contextof usage, likewise, although physical, can also be non-tangible, such asa connection between a client and a server over a network, particularlya wireless network, which generally refers to the ability for the clientand server to transmit, receive, and/or exchange communications, asdiscussed in more detail later.

In a particular context of usage, such as a particular context in whichtangible components are being discussed, therefore, the terms “coupled”and “connected” are used in a manner so that the terms are notsynonymous. Similar terms may also be used in a manner in which asimilar intention is exhibited. Thus, “connected” is used to indicatethat two or more tangible components and/or the like, for example, aretangibly in direct physical contact. Thus, using the previous example,two tangible components that are electrically connected are physicallyconnected via a tangible electrical connection, as previously discussed.However, “coupled,” is used to mean that potentially two or moretangible components are tangibly in direct physical contact.Nonetheless, “coupled” is also used to mean that two or more tangiblecomponents and/or the like are not necessarily tangibly in directphysical contact, but are able to co-operate, liaise, and/or interact,such as, for example, by being “optically coupled.” Likewise, the term“coupled” is also understood to mean indirectly connected. It is furthernoted, in the context of the present patent application, since memory,such as a memory component and/or memory states, is intended to benon-transitory, the term physical, at least if used in relation tomemory necessarily implies that such memory components and/or memorystates, continuing with the example, are tangible.

Additionally, in the present patent application, in a particular contextof usage, such as a situation in which tangible components (and/orsimilarly, tangible materials) are being discussed, a distinction existsbetween being “on” and being “over.” As an example, deposition of asubstance “on” a substrate refers to a deposition involving directphysical and tangible contact without an intermediary, such as anintermediary substance, between the substance deposited and thesubstrate in this latter example; nonetheless, deposition “over” asubstrate, while understood to potentially include deposition “on” asubstrate (since being “on” may also accurately be described as being“over”), is understood to include a situation in which one or moreintermediaries, such as one or more intermediary substances, are presentbetween the substance deposited and the substrate so that the substancedeposited is not necessarily in direct physical and tangible contactwith the substrate.

A similar distinction is made in an appropriate particular context ofusage, such as in which tangible materials and/or tangible componentsare discussed, between being “beneath” and being “under.” While“beneath,” in such a particular context of usage, is intended tonecessarily imply physical and tangible contact (similar to “on,” asjust described), “under” potentially includes a situation in which thereis direct physical and tangible contact, but does not necessarily implydirect physical and tangible contact, such as if one or moreintermediaries, such as one or more intermediary substances, arepresent. Thus, “on” is understood to mean “immediately over” and“beneath” is understood to mean “immediately under.”

It is likewise appreciated that terms such as “over” and “under” areunderstood in a similar manner as the terms “up,” “down,” “top,”“bottom,” and so on, previously mentioned. These terms may be used tofacilitate discussion, but are not intended to necessarily restrictscope of claimed subject matter. For example, the term “over,” as anexample, is not meant to suggest that claim scope is limited to onlysituations in which an embodiment is right side up, such as incomparison with the embodiment being upside down, for example. Anexample includes a flip chip, as one illustration, in which, forexample, orientation at various times (e.g., during fabrication) may notnecessarily correspond to orientation of a final product. Thus, if anobject, as an example, is within applicable claim scope in a particularorientation, such as upside down, as one example, likewise, it isintended that the latter also be interpreted to be included withinapplicable claim scope in another orientation, such as right side up,again, as an example, and vice-versa, even if applicable literal claimlanguage has the potential to be interpreted otherwise. Of course,again, as always has been the case in the specification of a patentapplication, particular context of description and/or usage provideshelpful guidance regarding reasonable inferences to be drawn.

Unless otherwise indicated, in the context of the present patentapplication, the term “or” if used to associate a list, such as A, B, orC, is intended to mean A, B, and C, here used in the inclusive sense, aswell as A, B, or C, here used in the exclusive sense. With thisunderstanding, “and” is used in the inclusive sense and intended to meanA, B, and C; whereas “and/or” can be used in an abundance of caution tomake clear that all of the foregoing meanings are intended, althoughsuch usage is not required. In addition, the term “one or more” and/orsimilar terms is used to describe any feature, structure,characteristic, and/or the like in the singular, “and/or” is also usedto describe a plurality and/or some other combination of features,structures, characteristics, and/or the like. Likewise, the term “basedon” and/or similar terms are understood as not necessarily intending toconvey an exhaustive list of factors, but to allow for existence ofadditional factors not necessarily expressly described.

Furthermore, it is intended, for a situation that relates toimplementation of claimed subject matter and is subject to testing,measurement, and/or specification regarding degree, that the particularsituation be understood in the following manner. As an example, in agiven situation, assume a value of a physical property is to bemeasured. If alternatively reasonable approaches to testing,measurement, and/or specification regarding degree, at least withrespect to the property, continuing with the example, is reasonablylikely to occur to one of ordinary skill, at least for implementationpurposes, claimed subject matter is intended to cover thosealternatively reasonable approaches unless otherwise expresslyindicated. As an example, if a plot of measurements over a region isproduced and implementation of claimed subject matter refers toemploying a measurement of slope over the region, but a variety ofreasonable and alternative techniques to estimate the slope over thatregion exist, claimed subject matter is intended to cover thosereasonable alternative techniques unless otherwise expressly indicated.

To the extent claimed subject matter is related to one or moreparticular measurements, such as with regard to physical manifestationscapable of being measured physically, such as, without limit,temperature, pressure, voltage, current, electromagnetic radiation,etc., it is believed that claimed subject matter does not fall with theabstract idea judicial exception to statutory subject matter. Rather, itis asserted, that physical measurements are not mental steps and,likewise, are not abstract ideas.

It is noted, nonetheless, that a typical measurement model employed isthat one or more measurements may respectively comprise a sum of atleast two components. Thus, for a given measurement, for example, onecomponent may comprise a deterministic component, which in an idealsense, may comprise a physical value (e.g., sought via one or moremeasurements), often in the form of one or more signals, signal samplesand/or states, and one component may comprise a random component, whichmay have a variety of sources that may be challenging to quantify. Attimes, for example, lack of measurement precision may affect a givenmeasurement. Thus, for claimed subject matter, a statistical orstochastic model may be used in addition to a deterministic model as anapproach to identification and/or prediction regarding one or moremeasurement values that may relate to claimed subject matter.

For example, a relatively large number of measurements may be collectedto better estimate a deterministic component. Likewise, if measurementsvary, which may typically occur, it may be that some portion of avariance may be explained as a deterministic component, while someportion of a variance may be explained as a random component. Typically,it is desirable to have stochastic variance associated with measurementsbe relatively small, if feasible. That is, typically, it may bepreferable to be able to account for a reasonable portion of measurementvariation in a deterministic manner, rather than a stochastic matter asan aid to identification and/or predictability.

Along these lines, a variety of techniques have come into use so thatone or more measurements may be processed to better estimate anunderlying deterministic component, as well as to estimate potentiallyrandom components. These techniques, of course, may vary with detailssurrounding a given situation. Typically, however, more complex problemsmay involve use of more complex techniques. In this regard, as alludedto above, one or more measurements of physical manifestations may bemodeled deterministically and/or stochastically. Employing a modelpermits collected measurements to potentially be identified and/orprocessed, and/or potentially permits estimation and/or prediction of anunderlying deterministic component, for example, with respect to latermeasurements to be taken. A given estimate may not be a perfectestimate; however, in general, it is expected that on average one ormore estimates may better reflect an underlying deterministic component,for example, if random components that may be included in one or moreobtained measurements, are considered. Practically speaking, of course,it is desirable to be able to generate, such as through estimationapproaches, a physically meaningful model of processes affectingmeasurements to be taken.

In some situations, however, as indicated, potential influences may becomplex. Therefore, seeking to understand appropriate factors toconsider may be particularly challenging. In such situations, it is,therefore, not unusual to employ heuristics with respect to generatingone or more estimates. Heuristics refers to use of experience relatedapproaches that may reflect realized processes and/or realized results,such as with respect to use of historical measurements, for example.Heuristics, for example, may be employed in situations where moreanalytical approaches may be overly complex and/or nearly intractable.Thus, regarding claimed subject matter, an innovative feature mayinclude, in an example embodiment, heuristics that may be employed, forexample, to estimate and/or predict one or more measurements.

It is further noted that the terms “type” and/or “like,” if used, suchas with a feature, structure, characteristic, and/or the like, using“optical” or “electrical” as simple examples, means at least partiallyof and/or relating to the feature, structure, characteristic, and/or thelike in such a way that presence of minor variations, even variationsthat might otherwise not be considered fully consistent with thefeature, structure, characteristic, and/or the like, do not in generalprevent the feature, structure, characteristic, and/or the like frombeing of a “type” and/or being “like,” (such as being an “optical-type”or being “optical-like,” for example) if the minor variations aresufficiently minor so that the feature, structure, characteristic,and/or the like would still be considered to be substantially presentwith such variations also present. Thus, continuing with this example,the terms optical-type and/or optical-like properties are necessarilyintended to include optical properties. Likewise, the termselectrical-type and/or electrical-like properties, as another example,are necessarily intended to include electrical properties. It should benoted that the specification of the present patent application merelyprovides one or more illustrative examples and claimed subject matter isintended to not be limited to one or more illustrative examples;however, again, as has always been the case with respect to thespecification of a patent application, particular context of descriptionand/or usage provides helpful guidance regarding reasonable inferencesto be drawn.

With advances in technology, it has become more typical to employdistributed computing and/or communication approaches in which portionsof a process, such as signal processing of signal samples, for example,may be allocated among various devices, including one or morecommunications devices and/or one or more server devices, via acomputing and/or communications network, for example. A network maycomprise two or more devices, such as network devices and/or computingdevices, and/or may couple devices, such as network devices and/orcomputing devices, so that signal communications, such as in the form ofsignal packets and/or signal frames (e.g., comprising one or more signalsamples), for example, may be exchanged, such as between a client serverdevice and/or a communications device, as well as other types ofdevices, including between wired and/or wireless devices coupled via awired and/or wireless network, for example.

In the context of the present patent application, the term networkdevice refers to any device capable of communicating via and/or as partof a network and may comprise a computing device. While network devicesmay be capable of communicating signals (e.g., signal packets and/orframes), such as via a wired and/or wireless network, they may also becapable of performing operations associated with a computing device,such as arithmetic and/or logic operations, processing and/or storingoperations (e.g., storing signal samples), such as in memory astangible, physical memory states, and/or may, for example, operate as acommunications device and/or a client server device in variousembodiments. Network devices capable of operating as a client server,may include, as examples, dedicated rack-mounted servers, desktopcomputers, laptop computers, set top boxes, tablets, netbooks, smartphones, wearable devices, integrated devices combining two or morefeatures of the foregoing devices, and/or the like, or any combinationthereof. As mentioned, signal packets and/or frames, for example, may beexchanged, such as between a server device and/or a communicationsdevice, as well as other types of devices, including between wiredand/or wireless devices coupled via a wired and/or wireless network, forexample, or any combination thereof. It is noted that the terms, server,server device, server computing device, server computing platform and/orsimilar terms are used interchangeably.

It should be understood that for ease of description, a network device(also referred to as a networking device) may be embodied and/ordescribed in terms of a computing device and vice-versa. However, itshould further be understood that this description should in no way beconstrued so that claimed subject matter is limited to one embodiment,such as only a computing device and/or only a network device, but,instead, may be embodied as a variety of devices or combinationsthereof, including, for example, one or more illustrative examples.

In the context of the present patent application, the term sub-networkand/or similar terms, if used, for example, with respect to a network,refers to the network and/or a part thereof. Sub-networks may alsocomprise links, such as physical links, connecting and/or couplingnodes, so as to be capable to communicate signal packets and/or framesbetween devices of particular nodes, including via wired links, wirelesslinks, or combinations thereof. Various types of devices, such asnetwork devices and/or computing devices, may be made available so thatdevice interoperability is enabled and/or, in at least some instances,may be transparent. In the context of the present patent application,the term “transparent,” if used with respect to devices of a network,refers to devices communicating via the network in which the devices areable to communicate via one or more intermediate devices, such as one ormore intermediate nodes, but without the communicating devicesnecessarily specifying the one or more intermediate nodes and/or the oneor more intermediate devices of the one or more intermediate nodesand/or, thus, may include within the network the devices communicatingvia the one or more intermediate nodes and/or the one or moreintermediate devices of the one or more intermediate nodes, but mayengage in signal communications as if such intermediate nodes and/orintermediate devices are not necessarily involved. For example, a routermay provide a link and/or connection between otherwise separate and/orindependent LANs.

The term electronic file and/or the term electronic document are usedthroughout this document to refer to a set of stored memory statesand/or a set of physical signals associated in a manner so as tothereby, at least logically, form a file (e.g., electronic) and/or anelectronic document. That is, it is not meant to implicitly reference aparticular syntax, format and/or approach used, for example, withrespect to a set of associated memory states and/or a set of associatedphysical signals. If a particular type of file storage format and/orsyntax, for example, is intended, it is referenced expressly. It isfurther noted an association of memory states, for example, may be in alogical sense and not necessarily in a tangible, physical sense. Thus,although signal and/or state components of a file and/or an electronicdocument, for example, are to be associated logically, storage thereof,for example, may reside in one or more different places in a tangible,physical memory, in an embodiment.

Also, for one or more embodiments, an electronic document and/orelectronic file may comprise a number of components. As previouslyindicated, in the context of the present patent application, a componentis physical, but is not necessarily tangible. As an example, componentswith reference to an electronic document and/or electronic file, in oneor more embodiments, may comprise text, for example, in the form ofphysical signals and/or physical states (e.g., capable of beingphysically displayed). Typically, memory states, for example, comprisetangible components, whereas physical signals are not necessarilytangible, although signals may become (e.g., be made) tangible, such asif appearing on a tangible display, for example, as is not uncommon.Also, for one or more embodiments, components with reference to anelectronic document and/or electronic file may comprise a graphicalobject, such as, for example, an image, such as a digital image, and/orsub-objects, including attributes thereof, which, again, comprisephysical signals and/or physical states (e.g., capable of being tangiblydisplayed). In an embodiment, digital content may comprise, for example,text, images, audio, video, and/or other types of electronic documentsand/or electronic files, including portions thereof, for example.

For one or more embodiments, a device, such as a computing device and/ornetworking device, may comprise, for example, any of a wide range ofdigital electronic devices, including, but not limited to, desktopand/or notebook computers, high-definition televisions, digitalversatile disc (DVD) and/or other optical disc players and/or recorders,game consoles, satellite television receivers, cellular telephones,tablet devices, wearable devices, personal digital assistants, mobileaudio and/or video playback and/or recording devices, Internet of Things(IoT) type devices, or any combination of the foregoing. Further, unlessspecifically stated otherwise, a process as described, such as withreference to flow diagrams and/or otherwise, may also be executed and/oraffected, in whole or in part, by a computing device and/or a networkdevice. A device, such as a computing device and/or network device, mayvary in terms of capabilities and/or features. Claimed subject matter isintended to cover a wide range of potential variations. For example, adevice may include a numeric keypad and/or other display of limitedfunctionality, such as a monochrome liquid crystal display (LCD) fordisplaying text, for example. In contrast, however, as another example,a web-enabled device may include a physical and/or a virtual keyboard,mass storage, one or more accelerometers, one or more gyroscopes, globalpositioning system (GPS) and/or other location-identifying typecapability, and/or a display with a higher degree of functionality, suchas a touch-sensitive color 2D or 3D display, for example.

As suggested previously, communications between a computing deviceand/or a network device and a wireless network may be in accordance withknown and/or to be developed network protocols including, for example,global system for mobile communications (GSM), enhanced data rate forGSM evolution (EDGE), 802.11b/g/n/h, etc., and/or worldwideinteroperability for microwave access (WiMAX). As suggested previously,a computing device and/or a networking device may also have a subscriberidentity module (SIM) card, which, for example, may comprise adetachable or embedded smart card that is able to store subscriptioncontent of a user, and/or is also able to store a contact list. It isnoted, as previously mentioned, that a SIM card may also be electronicin the sense that it may simply be sorted in a particular location inmemory of the computing and/or networking device. A user may own thecomputing device and/or network device or may otherwise be a user, suchas a primary user, for example. A device may be assigned an address by awireless network operator, a wired network operator, and/or an InternetService Provider (ISP). For example, an address may comprise a domesticor international telephone number, an Internet Protocol (IP) address,and/or one or more other identifiers. In other embodiments, a computingand/or communications network may be embodied as a wired network,wireless network, or any combinations thereof.

A computing and/or network device may include and/or may execute avariety of now known and/or to be developed operating systems,derivatives and/or versions thereof, including computer operatingsystems, such as Windows, iOS, Linux, a mobile operating system, such asiOS, Android, Windows Mobile, and/or the like. A computing device and/ornetwork device may include and/or may execute a variety of possibleapplications, such as a communications device application enablingcommunication with other devices. For example, one or more messages(e.g., content) may be communicated, such as via one or more protocols,now known and/or later to be developed, suitable for communication ofemail, short message service (SMS), and/or multimedia message service(MMS), including via a network, such as a social network, formed atleast in part by a portion of a computing and/or communications network.A computing and/or network device may also include executable computerinstructions to process and/or communicate digital content, such as, forexample, textual content, digital multimedia content, and/or the like. Acomputing and/or network device may also include executable computerinstructions to perform a variety of possible tasks, such as browsing,searching, playing various forms of digital content, including locallystored and/or streamed video, and/or games such as, but not limited to,fantasy sports leagues. The foregoing is provided merely to illustratethat claimed subject matter is intended to include a wide range ofpossible features and/or capabilities.

In the preceding description, various aspects of claimed subject matterhave been described. For purposes of explanation, specifics, such asamounts, systems and/or configurations, as examples, were set forth. Inother instances, well-known features were omitted and/or simplified soas not to obscure claimed subject matter. While certain features havebeen illustrated and/or described herein, many modifications,substitutions, changes and/or equivalents will now occur to thoseskilled in the art. It is, therefore, to be understood that the appendedclaims are intended to cover all modifications and/or changes as fallwithin claimed subject matter.

What is claimed is:
 1. A method of proving possession of acommunications device, comprising: receiving, from a client server, anindicator identifying a communication services carrier servicing thecommunications device, the indicator comprising an Internet protocol(IP) address assigned to the communication services carrier or analphanumeric combination identifying the communication services carrier,or a combination thereof; generating, by an identity verifier, a sessionidentifier, wherein placement of one or more fields or parameters of thesession identifier is varied based at least in part on the indicatoridentifying the communications services carrier; generating, by theidentity verifier and based, at least in part, on the indicatoridentifying the communication services carrier, a tailored resourcelocator, the tailored resource locator and the session identifier tofacilitate transmission via the identified communication servicescarrier for transmission from the client server to the communicationsdevice, the tailored resource locator and the session identifier to beused by the communications device to establish a directed connectionwith the identity verifier at an address corresponding to the tailoredresource locator; transmitting at least one of the session identifierand the tailored resource locator to the communications device via theclient server; and receiving, from the client server via thecommunication services carrier, one or more identifiers of thecommunications device based, at least in part, on the session identifierand the tailored resource locator, the one or more identifiers to bedetermined, at least in part, from content stored within, or dataderived from, memory of the communications device.
 2. The method ofclaim 1, further comprising: determining identity of the communicationsdevice based, at least in part, on the received one or more identifiers.3. The method of claim 2, wherein the received one or more identifierscomprise a telephone number, an International Mobile SubscriberIdentifier (IMSI), an Integrated Circuit Card Identifier (ICC ID), anInternational Mobile Equipment Identifier (IMEI), a Mobile StationInternational Subscriber Directory Number (MSISDN), a Media AccessControl (MAC) address, or any combination thereof.
 4. The method ofclaim 1, wherein the tailored resource locator corresponds to a uniformresource locator (URL).
 5. The method of claim 1, wherein the sessionidentifier comprises one or more one-time-use tokens.
 6. The method ofclaim 1, wherein the indicator identifying the communication servicescarrier comprises an alphanumeric combination.
 7. The method of claim 1,wherein the indicator identifying the communication services carriercomprises an Internet protocol (IP) address.
 8. The method of claim 7,further comprising: the identity verifier accessing a data store todetermine the communication services carrier providing services to thecommunications device based, at least in part, on the IP address.
 9. Themethod of claim 1, further comprising: the identity verifier: receivingthe session identifier from the communications device; and revoking thesession identifier so as to preclude a further use of the sessionidentifier.
 10. The method of claim 1, further comprising: generating,via the identity verifier, at least one additional session identifier;and establishing a browser based session with the communications device,based at least in part on the at least one additional sessionidentifier.
 11. The method of claim 10, wherein the at least oneadditional session identifier comprises one or more additionalone-time-use tokens.
 12. The method of claim 1, wherein the memory ofthe communications device corresponds to one or more memory locations ona subscriber identity module (SIM).
 13. An identity verifier comprisinga processor coupled to at least one memory device, the processor coupledto the at least one memory device to: receive, from a client server, anindicator to identify a communication services carrier to provideservice to a communications device, the indicator to comprise anInternet protocol (IP) address assigned to the communication servicescarrier or an alphanumeric combination to identify the communicationservices carrier, or a combination thereof; generate, by an identityverifier, a session identifier, wherein placement of one or more fieldsor parameters of the session identifier is to be varied based at leastin part on the indicator to identify the communications servicescarrier; generate, by the identity verifier and based, at least in part,on the indicator to identify the communication services carrier atailored resource locator, the tailored resource locator and the sessionidentifier to facilitate transmission via the identified communicationservices carrier for transmission from the client server to thecommunications device, the tailored resource locator and the sessionidentifier to be used by the communications device to establish adirected connection with the identity verifier at an address tocorrespond to the tailored resource locator; transmit the sessionidentifier and the tailored resource locator to the communicationsdevice via the client server; and receive, from the client server viathe communication services carrier, one or more identifiers of thecommunications device based, at least in part, on the session identifierand the tailored resource locator, the one or more identifiers to bedetermined, at least in part, from content stored within, or dataderived from, memory of the communications device.
 14. The identityverifier of claim 13, wherein one or more identifiers comprises atelephone number, an International Mobile Subscriber Identifier (IMSI),an Integrated Circuit Card Identifier (ICC ID), an International MobileEquipment Identifier (IMEI), a Mobile Station International SubscriberDirectory Number (MSISDN), a Media Access Control (MAC) address, or anycombination thereof.
 15. The identity verifier of claim 13, wherein thetailored resource locator corresponds to a uniform resource locator(URL).
 16. The identity verifier of claim 13, wherein the sessionidentifier comprises one or more one-time-use tokens.
 17. The identityverifier of claim 13, wherein the indicator to identify thecommunication services carrier comprises an alphanumeric combination.18. The identity verifier of claim 13, wherein the indicator to identifythe communication services carrier comprises an Internet protocol (IP)address.
 19. The identity verifier of claim 18, wherein the processorand the at least one memory are additionally to access a data store todetermine the communication services carrier to provide services to thecommunications device based, at least in part, on the IP address. 20.The identity verifier of claim 13, wherein the processor and the atleast one memory are additionally to: receive the session identifierfrom the communications device; and revoke the session identifier so asto preclude a further use of the session identifier.
 21. The identityverifier of claim 13, wherein the processor and the at least one memoryare additionally to: generate, via the identity verifier, at least oneadditional session identifier; and establish a browser based sessionwith the communications device, based at least in part on the at leastone additional session identifier.
 22. The identity verifier of claim21, wherein the at least one additional session identifier comprises oneor more additional one-time-use tokens.
 23. An article comprising: anon-transitory storage medium having instructions stored thereonexecutable by a special-purpose computing platform to: receive, from aclient server, an indicator to identify a communication services carrierto provide service to a communications device, the indicator to comprisean Internet protocol (IP) address assigned to the communication servicescarrier or an alphanumeric combination to identify the communicationservices carrier, or a combination thereof; generate, by an identityverifier, a session identifier, wherein placement of one or more fieldsor parameters of the session identifier is to be varied based at leastin part on the indicator to identify the communications servicescarrier; generate, by the identity verifier and based, at least in part,on the indicator to identify the communication services carrier, atailored resource locator, the tailored resource locator and the sessionidentifier to facilitate transmission via the identified communicationservices carrier for transmission from the client server to thecommunications device, the tailored resource locator and the sessionidentifier to be used by the communications device to establish adirected connection with an identity verifier at an address tocorrespond to the tailored resource locator; transmit the sessionidentifier and the tailored resource locator to the communicationsdevice via the client server; and to receive, from the client server viathe communication services carrier, one or more identifiers of thecommunications device based, at least in part, on the session identifierand the tailored resource locator, the one or more identifiers to bedetermined, at least in part, from content stored within, or dataderived from, memory of the communications device.
 24. The article ofclaim 23, wherein the instructions stored on the non-transitory storagemedium are additionally to: access a data store to determine thecommunication services carrier to provide services to the communicationsdevice based, at least in part, on an Internet protocol (IP) addressreferred to by the indicator.
 25. The article of claim 24, wherein thetailored resource locator comprises the session identifier, and whereinthe tailored resource locator is to be received by the communicationsdevice via the client server.
 26. The article of claim 24, wherein theinstructions stored on the non-transitory storage medium areadditionally to: receive from the communications device, via the clientserver, the session identifier; responsive to receipt of the sessionidentifier, revoke the session identifier so as to preclude further useof the session identifier; establish a browser-based session with thecommunications device; and access the data store to determine one ormore deterministic events with respect to the communications device. 27.A communications device, comprising at least one processor coupled to atleast one memory device to: receive a tailored resource locator from anidentity verifier, the tailored resource locator to have been tailoredby the identity verifier based, at least in part, on a communicationservices carrier, of a plurality of communication services carriers,identified via an indicator transmitted by the communications device,the indicator to comprise an Internet protocol (IP) address assigned tothe communication services carrier or an alphanumeric combination toidentify the communication services carrier, or a combination thereof,the tailored resource locator to comprise a session identifier, theplacement of one or more fields or parameters of the session identifierto be varied based at least in part on the indicator, wherein thetailored resource locator and the session identifier to facilitatetransmission via the identified communication services carrier fortransmission from a client server to the communications device; inresponse to receipt of the tailored resource locator and the sessionidentifier, establish communications with a computing device at alogical location to correspond to the tailored resource locator underdirection of the identity verifier; establish a browser-based sessionwith the identity verifier; and transmit one or more identifiers to bedetermined, at least in part, from content stored within, or dataderived from, memory of the communications device, to the identityverifier in response to one or more queries from the identity verifier.28. The communications device of claim 27, wherein the tailored resourcelocator corresponds to a uniform resource locator (URL).
 29. Thecommunications device of claim 28, wherein the session identifier isgenerated responsive to receipt of the indicator.
 30. The communicationsdevice of claim 29, wherein the indicator corresponds to an alphanumericcombination to indicate the identified communication services carrier.